Remove limitation on the location of the images dir, #1172

[rdmark]

Rather than allowing only subdirs of /home as default image dir, this change only disallows the file system root itself.

A user may want to use mountpoints in /mnt, for instance, as the images dir.

[rdmark]

So it is of course risky, since piscsi has root access, to configure it to use /etc or /bin etc. as images dir. You could potentially delete critical system files with the web ui. How much do we want to trust users here?

[uweseimet]

@rdmark I disagree with this change because of the root access issues you mentioned. When I added configurable image folders I intentially (not arbitrarily) did not allow any folder/path to be the default folder. You may end up in a scenario where a minor typo (e.g. in scsictl) corrupts your complete Pi installation. This is similar to setting the suid bit for commands like rm, cp etc. Nobody would ever do this :).
If a user wants to use a directory not in /home this can be solved by a softlink, in order for this folder to appear in the /home folder, e.g.:

ln -s /some_folder /home/some_folder

Softlinks for images folders are explicitly supported.
Or you can specifiy an absolute path to an image, e.g. "/dev/hdc". The image does not have to be in any particular folder but can be anywhere.
Another alternative is to mount your (remote) image path into the /home folder instead of into /mnt. Compared to opening security/data integrity holes this is much less bad practice IMO. All in all, if a user has the required permissions she/he can mount a filesystem wherever he/she wants.

[rdmark]

@uweseimet I see your point, however using a subdir of /home seems to me arbitrarily tied to a particular user on the system, whereas piscsi could potentially be a shared concern by multiple users on the system. I did a bit of reading on people's thoughts on Linux file system practices, and the idea that a service that is strictly a local concern on a system is encouraged to use arbitrary new mountpoints in the root. I would argue that something like /piscsi/images would be a neat and safe default location. What do you think?

[uweseimet]

@rdmark Some time ago I pointed out that in my opinion easyinstall is too intrusive because it
installs all kinds of packages without user control. It effectively reconfigures/takes control over the Pi on a level that IMHO is not justified and may cause issues when you want to install/run other software than just piscsi. The response I received was that a user would not want to run anything else on a Pi with piscsi installed anyway. I also mentioned that not using /opt as the default package installation path is against standards and created a related ticket. There was no interest in adressing that. There was also no interest in a standardized regular apt-based installation mechanism.
Now you are talking about the Pi as a multi-user system, which implicitly means that multiple users independently install/run various pieces of software on it and standards become even more important. I see a contradiction here.

Anyway, I don't see that defining the Pi as a multi-user system means that piscsi must support any path for the images folder. On the contrary: On a multi-user system topics related to security/data integrity are particularly important, so it would even be more of a problem if you lose data by giving a process running as root unrestricted access to the whole filesystem. If something goes wrong (during an image file operation) not only your own data but also those of others may be gone. Therefore the multi-user scenario is rather a reason of not allowing any path for the images folder, isn't it?

Regarding new mount points in root: This sounds like a bad practice to me. I do not know any system that encourages this. Package-specific data are typically located in a folder in /var/lib, e.g. /var/lib/mysql or /var/lib/postgresql. A standardized solution for piscsi might be to have the images in /var/lib/piscsi only and nowhere else, i.e. the image path would not be configurable anymore. If I recall correctly the only reason the path is configurable at all is that there is not necessarily a user "pi", but the initial sources used a hard-coded image path /home/pi/images. I think I would be fine with /var/lib/piscsi as the one and only path, not configurable anymore. This would be similar to how other software packages do it. There would not be any data security or mount point issues.

[rdmark]

Using a fixed /var/lib/piscsi location sounds like a reasonable solution to me. However as you alluded to, I think such a change should be made as part of a proper packaging scheme (deb or otherwise) rather than a narrow install location fix. Some discussion about deb packaging is in #740 so I will make a note over there.

Discarding this PR